Story #6847: As an installer user, I can configure Pulp to run with TLS enabled using self-signed certificates - Pulp

Actions

Send by e-mail Copy link

Story #6847

closed

Story #6331: [Epic] Add SSL support

As an installer user, I can configure Pulp to run with TLS enabled using self-signed certificates

Added by bmbouter almost 4 years ago. Updated over 3 years ago.

Status:

CLOSED - CURRENTRELEASE

Priority:

Normal

Assignee:

Category:

Installer - Moved to GitHub issues

Sprint/Milestone:

3.8.0

Start date:

Due date:

% Done:

100%

Estimated time:

Platform Release:

Groomed:

Yes

Sprint Candidate:

Tags:

Sprint:

Sprint 78

Quarter:

Description

Background¶

In some cases users of Pulp users want TLS and would like to have self-signed certificates. The motivation is for installations where the user doesn't have existing certs and letsencrypt certs are not an option because the the pulp host is not internet accessible.

Solution¶

Add options to the installer for the user to express their intent to have Pulp create and use self-signed TLS certificates. If provided, the installer should create self-signed certificates for the hostname of the host. The certificates should be used to configure either the Apache or Nginx configuration Pulp to run on port 443 with TLS enabled.

This option would not be enabled by default.

Actions

Copy link

Updated by bmbouter almost 4 years ago

Parent issue set to #6331

Actions

Copy link

Updated by bmbouter almost 4 years ago

Tracker changed from Issue to Story
% Done set to 0

Actions

Copy link

Updated by pulpbot almost 4 years ago

Status changed from NEW to POST

PR: https://github.com/pulp/pulp_installer/pull/325

Actions

Copy link

Updated by dkliban@redhat.com almost 4 years ago

Groomed changed from No to Yes
Sprint set to Sprint 74

Actions

Copy link

Updated by rchan almost 4 years ago

Sprint changed from Sprint 74 to Sprint 75

Actions

Copy link

Updated by rchan almost 4 years ago

Sprint changed from Sprint 75 to Sprint 76

Actions

Copy link

Updated by pulpbot almost 4 years ago

PR: https://github.com/pulp/pulp_installer/pull/356

Actions

Copy link

Updated by rchan almost 4 years ago

Sprint changed from Sprint 76 to Sprint 77

Added by spredzy over 3 years ago

Revision 83e9b685 | View on GitHub

pulp_webserver: Add support for TLS configuration

Enable HTTPS by default when deploying a new pulp server. One can either specify the value of the certificate and the key. Or, if none available, can have the installer generating them.

Support has been added for both nginx and apache.

fixes #6845 https://pulp.plan.io/issues/6845 fixes #6847 https://pulp.plan.io/issues/6847

Co-Authored-By: Matthias Dellweg mdellweg@redhat.com

Added by spredzy over 3 years ago

Revision 83e9b685 | View on GitHub

pulp_webserver: Add support for TLS configuration

Enable HTTPS by default when deploying a new pulp server. One can either specify the value of the certificate and the key. Or, if none available, can have the installer generating them.

Support has been added for both nginx and apache.

fixes #6845 https://pulp.plan.io/issues/6845 fixes #6847 https://pulp.plan.io/issues/6847

Co-Authored-By: Matthias Dellweg mdellweg@redhat.com

Actions

Copy link